IIRC the problem is somebody is attempting to ssh/sftp in using a user-id that does not exist on your system, which means the password they entered is invalid. Is your system accessible via the public Internet? Somebody may be attempting to break into your system.
If you don't have auth logging, you may want to add: *.*.auth.* "/somedirectory/somefile" And you can see failed logon attempts. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
